-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gargle2.0 class #19
Gargle2.0 class #19
Conversation
37d7a3e
to
b5df566
Compare
fa1dd27
to
18251cd
Compare
R/service-account.R
Outdated
if (is.null(token$credentials$access_token) || | ||
!nzchar(token$credentials$access_token)) { | ||
NULL | ||
} else { | ||
## TODO(jennybc) this needs to be baked into the sub-classed service token | ||
## object, once such exists | ||
message("email: ", info[["client_email"]]) | ||
token |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm actually not sure the email needs to be baked in here, because service tokens aren't cached like OAuth tokens. Is there a reason to bother?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My only strong feeling is that there should be a uniform way to see the email attached to any Gargle2.0
token. The emails are long enough that one would never type one, but you'd definitely confirm one matches what you're seeing in the Cloud Console.
ef504fc
to
dda72be
Compare
R/Gargle-class.R
Outdated
@@ -0,0 +1,213 @@ | |||
#' Generate a Gargle token | |||
#' | |||
#' Constructor function for objects of class [`Gargle2.0`]. The `"email"` scope |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be `[Gargle2.0]`
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK I tried that but it breaks the links. I'm doing what it says in the roxygen md vignette, which, as you know, I visit frequently!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although that bullet point seems to contradict itself 🤔 The example puts the backticks outside but the prose says to put them inside. In my hands, they have to go inside.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, it should just be [Gargle2.0]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok
R/Gargle-class.R
Outdated
user_params = user_params, | ||
type = type, | ||
use_oob = use_oob, | ||
as_header = TRUE, # hard-wired, ok? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes to all hard-wiring questions
R/Gargle-class.R
Outdated
) | ||
cat( | ||
" (expires in ", | ||
self$credentials$expires_in / 60, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs format()
to eliminate extra dps
R/oauth-app.R
Outdated
#' key = "123456789.apps.googleusercontent.com", | ||
#' secret = "abcdefghijklmnopqrstuvwxyz" | ||
#' ) | ||
oauth_app <- function(appname = NULL, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's better to make this a new function: oauth_app_from_json(path)
R/oauth-app.R
Outdated
|
||
if (!is.null(path)) { | ||
stopifnot(is.character(path), length(path) == 1) | ||
info <- jsonlite::fromJSON(readChar(path, nchars = 1e5)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
read_json()
?
Comments in response to the initial questions:
In particular, I think the question of how much fidelity token management needs is closely related to the question of the default local file we cache in: if it's One other subtlety that I want to mention, but I don't think we should worry about code wise: some APIs accept multiple scopes. So basically anywhere you need a Line-by-line comments in a sec, though I suspect @hadley has already had way more insightful comments than I will. 😁 |
I pushed the changes in response to @hadley. Will make a second pass when you're done @craigcitro. |
I should add some tests around finding matching token(s). |
R/service-account.R
Outdated
if (is.null(token$credentials$access_token) || | ||
!nzchar(token$credentials$access_token)) { | ||
NULL | ||
} else { | ||
## TODO(jennybc) this needs to be baked into the sub-classed service token | ||
## object, once such exists | ||
message("email: ", info[["client_email"]]) | ||
token |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My only strong feeling is that there should be a uniform way to see the email attached to any Gargle2.0
token. The emails are long enough that one would never type one, but you'd definitely confirm one matches what you're seeing in the Cloud Console.
@@ -3,6 +3,7 @@ Title: Easier Auth for Google Services | |||
Version: 0.0.0.9000 | |||
Authors@R: c( | |||
person("Craig", "Citro", , "craigcitro@google.com", c("aut", "cre")), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At this point, I almost wonder if we should drop aut
for my entry. 😉
R/Gargle-class.R
Outdated
#' Constructor function for objects of class [`Gargle2.0`]. The `"email"` scope | ||
#' is always added if not already present. This is needed to retrieve the email | ||
#' address associated with the token. This is considered a "low value" scope and | ||
#' does not appear on the consent screen. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd throw a link to https://developers.google.com/+/web/api/rest/oauth#email or the like in here? (Maybe I'm link-happy.)
print = function(...) { | ||
cat("<Token (via gargle)>\n", sep = "") | ||
# print(self$endpoint) ## this is TMI IMO | ||
# also, it's boring --> always google for us |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 on this being TMI
"\n", sep = "" | ||
) | ||
cat( | ||
" (expires in ", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given that code will autorefresh, should we just elide the expiration?
In particular, I feel like this info is relevant for one of us, but likely noise to the user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you're right long-term. I sense this print method will change even more before we're done. I'm going to leave it for now because I find it useful re: sanity checking that things I think are happening (or not) are actually happening (or not).
R/service-account.R
Outdated
token <- httr::TokenServiceAccount$new( | ||
endpoint = NULL, | ||
secrets = info, | ||
## TODO(jennybc) Is is really true I can't add the "email" scope here? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would be super annoying if so. 😁
(Also, Is is
-> Is it
)
It also comes up if you've gotten a token with one identity and now you want to get a token with another. I'm going to think on making it easier to say "new OAuth dance" and will pursue @craigcitro's leads re: using a login hint. |
Please consider this an actual PR now.
Gargle2.0
extendsToken2.0
.endpoint
and a few other things are hard-wired to values appropriate to Google APIsemail
is a new field, used to distinguish tokens for different Google users that otherwise have same endpoint + app + scopes. With regular httr caching, these clobber each other, which is how I ended up with so much DIY token stuff in googlesheets originally.I have a corresponding branch of googledrive (https://github.com/tidyverse/googledrive/tree/gargle) where I've removed all token-fetching logic and tests are passing.
I have a corresponding branch of gmailr (r-lib/gmailr#87) where I've removed all token-fetching logic and tests are passing (caveat: gmailr's tests don't cover auth). Anecdotally, I can send email, switch users, switch apps.
@hadley has already said I should rework caching more thoroughly. I'd like to do that in a second PR. Mandate:
Back to this PR: here's what direct usage looks like:
My own observations:
The email entered above, if novel, is not really connected to anything:
Make it easier to get an overview of the tokens in
.httr-outh
? To delete a token or some tokens but not all?